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In vehicular ad hoc networks (VANET), the privacy of vehicle data 
symbolizes a big challenge towards malicious attacks. On the other side, 
vehicles in VANET can play a staple role in monitoring the environment by 
sensing the surrounding environment, compute the sensing information, and 
transfer the results if needed to the authorized party. Most of the modern 
VANETSs systems encrypt the information to prevent hacking it but mostly 
neglect the decryption that occurred when data need to re-processed. In this 
paper, we try to cover this weak point by using fully homomorphic 
encryption (FHE) because of its specifications. The proposed work focus on 
twofold: first, create secure authentication and permission management 
system. While the second is to preserve the privacy of vehicle data that 
transferred among VANET infrastructure. This scheme also deals with 
metric security features, such as data privacy, data integrity, and key 
management. In the experimental results, there is good advance in the fields 
of interest comparing with the related works. 
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1. INTRODUCTION 

In a smart city environment, video streaming is one of the most promising applicable technologies 
[1]. By combining many technologies Vehicular ad hoc networks (VANETs) are expected to support 
mobility, reduce accident incidence, increase transport efficiency, and mitigate road risks [2], [3]. In 
VANETs, vehicles can send and receive video summary or multimedia entertainment through the VANET 
infrastructure [4]. This technique is used to improve road safety and passenger more comfortable. The 
general model of VANETs consists of three parts. In the first part there is a main processing center known as 
the trusted authority server (TAS) that is responsible for generating system parameters and subsequent 
permission. The second part, the road side units (RSUs), act as a router between vehicles and the TAS. All 
VANET vehicles contain sensor nodes used to sense the surrounding environment to provide relevant 
information to the TAS. Among the most critical types of information exchanged inside VANETs is vehicle 
data which exchanged between vehicles via vehicle-to-vehicle beacons (V2V) and between vehicles and 
system infrastructure over vehicle-to-infrastructures beacons (V2I) [5], [6]. The vehicle data includes 
biometric identity, vehicle location, traffic information and so on [7]. Because VANET protocols allow users 
to join and leave the network, a strong authentication scheme is also an important issue. 

In some cases, the exchanged vehicle data needs to be processed or decrypted between VANET 
components [8]. This weakness can be infiltrated by attackers to obtain the exchanged information [9]. In this 
paper, the VANET model is compiled of four major elements: on-board unit (OBU), RSUs, TAS, and a video 
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monitoring system. In the Figure 1, we explain the main differences between traditional work and our 
contributes in this field depend on video summarization. So, Figure 1(a) illustrates a traditional VANET 
system, while Figure 1(b) outlines a VANET system supported by video streaming technology based on the 
proposed scheme. This model is support by visual monitoring systems installed inside RSUs and OBUs to 
transmit information about the surrounding environment to the TAS. Each element carries out specific tasks 
such as identifying trespassers, registering vehicles which TAS recognizes, and defining system limits [10]. 
In our proposed scheme we choose fully homomorphic encryption (FHE) to secure vehicle and infrastructure 
data. FHE extends the scope of computations, providing the ability to process any data encrypted 
homomorphically [11]. The primary outline of this paper is as follows: section 2 provides details about basic 
tools and system models, the section 3 describes the proposed scheme, section 4 explains our experimental 
results and analysis and section 5 is the conclusion. 
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Figure 1. Denotes to main differences between tradititonal system and our work (a) traditional VANET 
system and (b) VANET system supported by video streaming 


2. PRIMITIVES AND SYSTEM MODEL 
2.1. Security and privacy requirements 

To prove that our proposed scheme is safe and achieve reliable network, the following goals should 
be ensured in order to create secure authentication and permission management system: 

— Message and video stream integrity and authentication. VANET ensures message and video stream 
integrity and the message and video stream beacons must check whether any content is corrupted during 
transmission. 

— Privacy preservation: vehicles data should be secured. 

— Traceability and revocation. 

— Traceability and revocation: conditional anonymity should be offered to detect malicious vehicles and 
break their connection if necessary. 

— Non-repudiation: senders of beacons and video streaming should forward receive data. 

— Conditional anonymity: protect the normal vehicles real identity. 

— Resistance to attacks: resisting attacks such as replay, impersonation, modification and MITM. 


2.2. Cryptographic tool-(fully homomorphic encryption) 

In 2009, Gentry [12] described FHE as a method allowing user to do calculations over encrypted 
data without need to decryption. As an important characteristics of FHE, the result of computations is also in 
an encrypted form [13]. FHE have become very important comparing with many another cryptographic tools 
[14]. In fact, FHE can be viewed as an extension for Symmetric-key or public-key cryptography [15]. 
Basically, let (pn = K). Then if m4, m,, ...., Mp are the cryptographic form of inputs. The encryption with 
multiplication of modulo K?. Then: the result also is on an encrypted form of [m, + m, mod K?] this is 
because: - ((1 + K)™.rk). ((1 + K)™2. rX)=(1 + K)imitm2 mod kK] (7 r,)K mod K?. Indeed, FHE has been 
widely used in consumer privacy in advertising, medical applications, data mining, financial privacy, and for 
forensic image recognition [16], [17]. 


2.3. System model 

The proposed scheme can use in a VANET system with the following specifications: TAS should be 
fully trusted, generate all system parameters, can process any input information including video summary 
also can take the required decision, possess all component locations. RSU has the following ability: has built- 
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in camera device, can provide video streaming for surround environments or for received stream in real-time, 
deployed and collect VANET range, each neighbored RSUs interfered, finally all RSUs are connected and 
powered to each other and with TAS via secured wire system. OBUs: has a camera device, installed and 
powered inside vehicles, can send and receive from/to surround OBUs, and use IEEE 802.11p protocol to 
connect with other OBUs or with nearest RSUs. 


3. RELATED WORKS 

In this section, we offer an analysis of some previous works related to the authentication and privacy 
fields in VANET. We will focus on those protocols that are FHE based. Zhang et al. [15] proposed a secure 
communication and power injection scheme. This scheme can work over 5G grid slices and VANETs. The 
proposed scheme was collected from a trusted authority server, administration centre, power storage unit and 
roadside units. Additionally, the model contains several areas, such as parking and residential districts. Each of 
these areas contains a GetWay, which plays a role in communicating with the power storage units. Communication 
between a trusted authority server and GetWay uses a SG slice grid. In this scheme, a trusted authority server 
decides the amount of power injected by power storage units. By applying both hash and then homomorphic 
technologies, the injected power is divided into time intervals and aggregated by each electrical vehicle. 

In 2018, a secure task recomposition was proposed by Wang et al. [18]. This method is for 
computing in crowdsensing in VANETs fog. In this method, vehicles are assumed to have limited 
communication and computing capabilities. The cloud server acts as a services provider and a trusted 
authority center. All the system entities communicate with one another via dedicated short range 
communication 5G. The cloud server collects all results from subtasks. Based on these results, the cloud 
server recovers overall subtasks and tests reliability. The experimental results show an acceptable cost 
considering communication and computation. 

In 2018, Ogundoyin [19] proposed a mechanism for traffic movement analysis. This mechanism is 
designed to ensure intelligent transportation system security. The traffic data (speed and data) collected from 
vehicles preserve privacy for all user information. Based on Chinese reminders and Paillier algorithms, the 
data aggregated, authentication bandwidth and time will be saved. In the proposed mechanism, the 
communication between trusted authority servers and vehicles relies on a secure channel. The trusted 
authority server will create a hash chain and generate a temporary private key. The transport management 
system analyses these aggregated data. 

In 2019, Kong et al. [20] proposed a method to reduce the load on system resources. In the field of 
vehicles on the Internet, a secure data share scheme comprised roadside units, vehicles and traffic 
management systems. In this scheme, every vehicle builds its data report; then roadside units collect these 
reports from vehicles. After implementer the secure data aggregation, the aggregated data transferred to the 
traffic management system to take a decision. 

Perma [21] proposed a modified fully homomorphic encryption scheme to reduce the computational 
cost by re-encrypt the data. This modified scheme required a communication cost less the required when 
using pillar schemes. The authentication technique is used to utilize data. This scheme uses mutual 
authentication technique to utilize data and access the server in VANETs. The experimental results show that 
it can prevent distance estimation errors and it is strong against malicious attacks. 

In 2019, and based on fog computing, Sun et al. [14] proposed a stagy vehicles crowdsensing scheme 
used for data collection security. The proposed scheme is composed of fog buses, cloud data centers, upper-tier 
fog, data requester, and vehicles. A secure data aggregation based on the paillier algorithm and 2-DNF 
Formulas on Cipher texts [22]. The simulation evaluation metrics include the participation ration, successful 
participation ratio, and throughput. Simulation results show that it is suitable for the urban area of work. 

In 2018, He et al. [23], designed a three steps ride-matching in ride-sharing scheme. The proposed 
scheme is implemented on some of NEXUSS mobile phones. This scheme works under an Android 5 environment 
and uses Bluetooth 4 techniques. The experimental results show that it is efficient and secure to apply. 

In 2019, Yucal et al. [24] suggest BMNNC method. This method uses peer-to-peer communications. The 
proposed method contains electrical vehicles and electrical power charging units. The vehicles firstly search for the 
nearest charging units, if there, then it will send a reply message in a reasonable time. 

Ulybyshev [25] proposed a secure data exchanging scheme. The proposed scheme is based on 
access control attributions and rolls. The data exchange between any pairs of vehicles uses TCP/IP technique. 
The experimental results show that this method can prevent any data leakage caused by insider attacks. Table 1 
shows a comparison between the related works on some sides. 
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Table 1. Comparison between related works 


REF. /Year Standard paillier Data Application scenario Features 
computation aggregation 

[15]- 2018 yes Yes Power injection scheme Can the overall quantity of power only 

[18]- 2018 yes Yes Task recomposition Encrypt the sensed subtask at first 

[19]- 2018 No Yes Analysis Saving both bandwidth and authentication time 

[20]- 2019 No Yes Data sharing Save system resources 

[21]- 2019 No Yes Data Aggregation Keep distance estimation secure 

[14]- 2019 Yes No Vehicle crowd sensing Two- layers fog architecture 

[23]- 2018 Yes No Ride-matching Three steps 

[24]- 2019 Yes No Online matching Distributed scheme 

[25]- 2018 Yes No Search Supports the subset of query languages 


4. PROPOSED SCHEME 

The VANET was constructed from three major parts, TAS, RSU, and OBU. TAS is responsible and 
able to generates system parameters and manage all VANETs activities. While, OBE are connected to the 
nearest RSUs to transfer data between OBUs via V2V beacons or between OBUs and VANETs infrastructure 
via V2I beacons. Here, we note that there are two different types of connections, Ad-Hoc network and 
infrastructure. According to the third-party trust, OBUs may consider as fully reliable or not reliable for other 
operations. To prevent discreet communication in V2V beacons, OBU is used as a router. OBUs may contain 
several types of sensors such as cameras, radio, and heat sensors. All data recorded by these sensors are 
stored in internal storage inside vehicles until it is required to send it. The meaning of the frequently used 
notations that we used in our proposed scheme paper presented in Table 2. The main goal of this table is 
demonstrated the details of symbols in the proposed work. 


Table 2. Preliminary notations 


Preliminary notations Symbols description 
N System parameter 
G Public system generator 
R Random number 
cid Computation identifier (public). The operation type is specified with cid 
HO Hash function 
L(*) Input bit length 
N Number of processing data 
(sds, pds) ds key pair 
(sas, pas) as key pair 
ds = pskds Public parameters of ds and as 
(sj, pj) de key pair (j) 
(si, pi) u key pair (i) 
[m] Cipher text of message 
Mi Raw data from de, i 
[m] + Re-encryption of message m by ds 
mY pi Ciphertext of message m under pi 


4.1. Computational tools 

VANETs services or beacon services (BS) which provides correlation of OBUs in the Ad-Hoc 
network of VANET. To compute the security of V2I beacons, an access sensor is used. When data is encrypted 
and collected; data encrypts (DE) is used for other computational analysis also. Vehicles OBUs (VO) process 
and deals with encrypted data. Table 2 shows all preliminary notations we used in the proposed scheme. In this 
research, the aim to ensure the safe beacons transmission inside VANET with or without deployment. Beacons 
include much critical information such as speed, location, and identity. In our work, we propose a scheme focus 
on beacons privacy preservation when it encrypted or decrypted. Also, TAS generates, update, and revoke all 
vehicles that joined to VANET. The generated pseudonym of any vehicle is given by ps= 
time||p(rid) || hc||RSU. Where: ps is the pseudonym generated by TAS, p(rid) represents the value of the real 
vehicles identity after encryption using public key pk and vehicles home code hc. In the proposed scheme, the 
information are broadcasted from RSU towards OBUs periodically. The following steps illustrates the proposed 
scheme, (V2V beacons authentication, vehicles in range of home authentication with RSU, RSU pseudonym 
generation and broadcasting, V2I authentication, cross V2V authentication, and authentication inside software). 


4.2. Setup function 
Let: ds follow paillier cryptosystem. When it encrypt similar keys p will represented as (mj)p 


where (i = 1,2,3 ....Q). WhereD, (T12., [m;]) =F, m;. Let r,t as large prime numbers where n = 
mul(r,t). So, let G is group cycle element, G,g,andh represent maximal order elements. Then h = 
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g* mod n? where x € [1, a(n?)] and a(0) is the Euler function with x as co-prime factor. Hence, the additive 
homomorphic encryption [12], [13]. 


DATIZA ba) = E2; m; (1) 


4.3. Key encryption function 

In this section h, g and n represents aparameters has a secure value a. In the subsection 4.1, we 
illustrate the major jobs and distributes keys used in encryption/ decryption exchanged messages between 
components in VANET’s environment. The following steps refers to encryption function. 
- Generate h = g* mod n? where x E [1,a(n?)]. 
- Cipher key generation is done by using: 


{m},, = (T,T) = (h (1 + m°n), g*)mod n? (2) 


- By knowing both h and m values, then the decryption is done by using: 
T 
m=Q (=) mod n? where Q(u) = (u — 5 (3) 


4.4. Key decryption function 
There are two parameters used to generate a key. This key is used to secure massage. These 
parameters are security and large primary numbers (p, q) sequncely: 


L(p) =k=L@q), p=pt+2p,q=1+2q ,n=pq 


Soper =p Sy? mod n? (4) 

The p is used as a public key for all users. The p will broadcast to all vehicles for using in 
encryption/ decryption to exchange data between components. The Table 3 illustrates the resulted equations. 
In this scheme, we note from Table 2 equations that there is an impact for both secret key length and data 
length. The following sections discuss these influence in details. 


Table 3. Equations of operations 
Operation Equation 
Generation of cipher text of two (wi) = (Wp = (Ti, T/ ) (5) 
key encryption (2KE) 


Where 
T; = (1+wjn)P™modn? and 7 = g'’modn’, r E (1,0.25n)and , m;i E Zn and P = 
server 


Decryption of two keys (2KD) (Wi)pac = [(1 + Win) par pr graļmodn? (6) 
Where:- 
yo = P’modn?, w; = L (- i) mod n? 

Initial re-encryption (IRE) hz = L,[(P))°* Il cria], (Wp = [T,T] 
= (7, TN gh? (7) 


4.5. Impact of secret key length (bits) 

The length of the secret key (in bits) is the estimated re-encryption method. The secret key length 
can be taken between (150-300) bits by increasing 25 bits for each step. To get the required results, the 
network density is increased. As shown in Table 4 and Figure 2, the relationship between the estimated cost 
with the length of the secret key. 


Table 4. Influence of secret key length 
Secret key length Enc Dec 2KE 2KD IRE  RDEn 


175 6.3 10 4.3 16 7 15.9 
200 10 10.513 4.8 16.3 73 15.8 
225 13.2 13 5 20 9 16.3 
250 20.3 20 5.8 22 12.5 15.3 
275 23.2 22.8 7.89 16.7 18 16.3 
300 23.8 24 10.33 15.3 24.5 16.4 
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Figure 1. Influence of secret key length 


4.6. Impact of input data length (bits) 


485 


In this scheme, we note all the transferred information is sending or receive as (beacons). In the 
experimental test, we try different beacons lengths. We start from (50-300) bits in 25 bits step. Table 5 
explained the resulted from changing different beacons lengths. From the resulted values, we note that the 
proposed scheme can deals with different sizes of beacons since it does not apply any compression method. 
Since the data we used in the proposed system model are mainly multimedia, we note that an increase in 


overhead with increase the beacon size. Figure 3 show the resulted values curve for all steps. 


Table 5. Influence of input data length (bit) 


Input data length Enc Dec 2KE 2KD IRE RDEn 
50 14 5.9 12.1 5 12.6 149 
75 14.1 6 12.1 6 12.6 149 
100 14.7 6.1 12.3 6.1 12.6 149 
125 148 618 123 64 126 148 
150 14.9 62 123 63 12.6 14.7 
175 15 638 124 64 12.7 14.6 
200 15.2 64 125 64 12.7 14.6 
225 15.2 64 125 6.4 13 14.5 
250 15.3 6.55 125 64 12.7 14.5 
275 154 66 126 64 13 14.5 
300 15.5 67 12.7 64 13.1 14.45 
325 15.5 67 12.7 645 13.2 14.34 
350 15.7 68 12.8 645 13.2 14.22 
375 15.8 7 12.9 6.45 14 14.2 
== RDEn 
a —IRE 
E 
g w= 2KD 
3 
E = 2KE 
3 
— Dec 
ome Enc 


0 oH Tr 


= jnput data length 
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Figure 2. Influence of input data length (bit) 


5. CONCLUSION 


= 


T 


T 


We proposed privacy preservation scheme using FHE in VANET, so the beacons will encrypted when 
send and till received. The FHE scheme will transfer insecure manner via VANETs components. Our work 
scheme protects the beacons with a high level of security. Also, the proposed scheme reduces the compression 
time, which leads to an increase in the system model overhead with long secret keys and with long beacons. In 
VANET construction, mutual authentication is provided using both ds and as. A dual authorized entry also 
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gives the proposed scheme a special feature. We conclude from experimental results that the impact of both 
security key and beacon on system performance and overhead. 
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